search cancel

CVE-2022-47939 - kernel use after free

book

Article ID: 257606

calendar_today

Updated On:

Products

Messaging Gateway

Issue/Introduction

There is concern that the Messaging Gateway appliance / virtual machine is affected by CVE-2022-47939.

Environment

Messaging Gateway

Resolution

Messaging Gateway is not vulnerable to this issue. 

No release of Messaging Gateway runs the affected kernel versions.

Additional Information

https://nvd.nist.gov/vuln/detail/CVE-2022-47939

CVE-2022-47939 Detail

Description

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT.